Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2020-03-10 CVE-2020-0038 Out-of-bounds Read vulnerability in Google Android
In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible read of uninitialized data due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2020-03-10 CVE-2020-0037 Out-of-bounds Read vulnerability in Google Android
In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2020-03-10 CVE-2020-0036 Incorrect Authorization vulnerability in Google Android
In hasPermissions of PermissionMonitor.java, there is a possible access to restricted permissions due to a permissions bypass.
local
low complexity
google CWE-863
7.8
7.8
2020-03-10 CVE-2020-0034 Out-of-bounds Read vulnerability in multiple products
In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation.
network
low complexity
google debian CWE-125
7.5
7.5
2020-03-10 CVE-2020-0033 Out-of-bounds Write vulnerability in Google Android
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer.
local
low complexity
google CWE-787
7.8
7.8
2020-03-10 CVE-2020-0032 Out-of-bounds Write vulnerability in Google Android
In ih264d_release_display_bufs of ih264d_utils.c, there is a possible out of bounds write due to a heap buffer overflow.
network
low complexity
google CWE-787
8.8
8.8
2020-02-27 CVE-2020-6418 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-843
8.8
8.8
2020-02-27 CVE-2020-6407 Out-of-bounds Write vulnerability in Google Chrome
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-787
8.8
8.8
2020-02-27 CVE-2020-6386 Use After Free vulnerability in multiple products
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-416
8.8
8.8
2020-02-27 CVE-2020-6384 Use After Free vulnerability in multiple products
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject redhat debian CWE-416
8.8
8.8